puppet 6.21.0 → 6.24.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (217) hide show
  1. checksums.yaml +4 -4
  2. data/CONTRIBUTING.md +5 -5
  3. data/Gemfile +1 -1
  4. data/Gemfile.lock +29 -23
  5. data/README.md +4 -4
  6. data/ext/osx/puppet.plist +2 -0
  7. data/ext/project_data.yaml +3 -2
  8. data/lib/puppet.rb +3 -3
  9. data/lib/puppet/application/agent.rb +12 -5
  10. data/lib/puppet/application/apply.rb +2 -1
  11. data/lib/puppet/application/device.rb +2 -1
  12. data/lib/puppet/application/filebucket.rb +1 -0
  13. data/lib/puppet/application/resource.rb +17 -3
  14. data/lib/puppet/application/script.rb +2 -1
  15. data/lib/puppet/application/ssl.rb +12 -0
  16. data/lib/puppet/configurer/downloader.rb +2 -1
  17. data/lib/puppet/defaults.rb +27 -5
  18. data/lib/puppet/environments.rb +26 -1
  19. data/lib/puppet/face/facts.rb +128 -30
  20. data/lib/puppet/face/help/action.erb +1 -0
  21. data/lib/puppet/face/help/face.erb +1 -0
  22. data/lib/puppet/face/node/clean.rb +11 -0
  23. data/lib/puppet/file_serving/fileset.rb +14 -2
  24. data/lib/puppet/file_system/file_impl.rb +1 -1
  25. data/lib/puppet/file_system/memory_file.rb +8 -1
  26. data/lib/puppet/file_system/windows.rb +4 -2
  27. data/lib/puppet/forge.rb +3 -3
  28. data/lib/puppet/functions/all.rb +1 -1
  29. data/lib/puppet/functions/camelcase.rb +1 -1
  30. data/lib/puppet/functions/capitalize.rb +2 -2
  31. data/lib/puppet/functions/downcase.rb +2 -2
  32. data/lib/puppet/functions/empty.rb +8 -0
  33. data/lib/puppet/functions/get.rb +5 -5
  34. data/lib/puppet/functions/group_by.rb +13 -5
  35. data/lib/puppet/functions/lest.rb +1 -1
  36. data/lib/puppet/functions/new.rb +100 -100
  37. data/lib/puppet/functions/partition.rb +12 -4
  38. data/lib/puppet/functions/require.rb +5 -5
  39. data/lib/puppet/functions/sort.rb +3 -3
  40. data/lib/puppet/functions/strftime.rb +1 -0
  41. data/lib/puppet/functions/tree_each.rb +7 -9
  42. data/lib/puppet/functions/type.rb +4 -4
  43. data/lib/puppet/functions/unwrap.rb +17 -2
  44. data/lib/puppet/functions/upcase.rb +2 -2
  45. data/lib/puppet/http/resolver/server_list.rb +15 -4
  46. data/lib/puppet/http/service/compiler.rb +69 -0
  47. data/lib/puppet/http/service/file_server.rb +2 -1
  48. data/lib/puppet/indirector/catalog/compiler.rb +1 -0
  49. data/lib/puppet/indirector/facts/facter.rb +24 -3
  50. data/lib/puppet/indirector/file_metadata/rest.rb +1 -0
  51. data/lib/puppet/indirector/resource/ral.rb +6 -1
  52. data/lib/puppet/interface/documentation.rb +1 -0
  53. data/lib/puppet/module_tool/applications/installer.rb +4 -0
  54. data/lib/puppet/module_tool/errors/shared.rb +17 -0
  55. data/lib/puppet/network/formats.rb +67 -0
  56. data/lib/puppet/network/http/factory.rb +4 -0
  57. data/lib/puppet/parser/functions/fqdn_rand.rb +14 -6
  58. data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -2
  59. data/lib/puppet/pops/types/p_sensitive_type.rb +10 -0
  60. data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
  61. data/lib/puppet/provider/exec/posix.rb +16 -4
  62. data/lib/puppet/provider/package/dnfmodule.rb +1 -1
  63. data/lib/puppet/provider/package/nim.rb +11 -6
  64. data/lib/puppet/provider/package/pip.rb +15 -3
  65. data/lib/puppet/provider/parsedfile.rb +3 -0
  66. data/lib/puppet/provider/service/systemd.rb +14 -4
  67. data/lib/puppet/provider/service/windows.rb +38 -0
  68. data/lib/puppet/provider/user/directoryservice.rb +25 -12
  69. data/lib/puppet/provider/user/useradd.rb +9 -2
  70. data/lib/puppet/reference/configuration.rb +1 -1
  71. data/lib/puppet/settings.rb +30 -7
  72. data/lib/puppet/settings/environment_conf.rb +1 -0
  73. data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
  74. data/lib/puppet/type/exec.rb +16 -3
  75. data/lib/puppet/type/file.rb +19 -1
  76. data/lib/puppet/type/file/mode.rb +6 -0
  77. data/lib/puppet/type/file/selcontext.rb +1 -1
  78. data/lib/puppet/type/service.rb +18 -38
  79. data/lib/puppet/type/tidy.rb +22 -3
  80. data/lib/puppet/type/user.rb +38 -20
  81. data/lib/puppet/util/fact_dif.rb +36 -17
  82. data/lib/puppet/util/monkey_patches.rb +7 -0
  83. data/lib/puppet/util/selinux.rb +30 -4
  84. data/lib/puppet/util/symbolic_file_mode.rb +29 -17
  85. data/lib/puppet/util/windows/adsi.rb +46 -0
  86. data/lib/puppet/util/windows/api_types.rb +1 -1
  87. data/lib/puppet/util/windows/principal.rb +9 -2
  88. data/lib/puppet/util/windows/sid.rb +6 -2
  89. data/lib/puppet/version.rb +1 -1
  90. data/locales/puppet.pot +360 -280
  91. data/man/man5/puppet.conf.5 +279 -251
  92. data/man/man8/puppet-agent.8 +1 -1
  93. data/man/man8/puppet-apply.8 +1 -1
  94. data/man/man8/puppet-catalog.8 +9 -9
  95. data/man/man8/puppet-config.8 +1 -1
  96. data/man/man8/puppet-describe.8 +1 -1
  97. data/man/man8/puppet-device.8 +1 -1
  98. data/man/man8/puppet-doc.8 +1 -1
  99. data/man/man8/puppet-epp.8 +1 -1
  100. data/man/man8/puppet-facts.8 +65 -7
  101. data/man/man8/puppet-filebucket.8 +1 -1
  102. data/man/man8/puppet-generate.8 +1 -1
  103. data/man/man8/puppet-help.8 +1 -1
  104. data/man/man8/puppet-key.8 +7 -7
  105. data/man/man8/puppet-lookup.8 +1 -1
  106. data/man/man8/puppet-man.8 +1 -1
  107. data/man/man8/puppet-module.8 +1 -1
  108. data/man/man8/puppet-node.8 +5 -5
  109. data/man/man8/puppet-parser.8 +1 -1
  110. data/man/man8/puppet-plugin.8 +1 -1
  111. data/man/man8/puppet-report.8 +5 -5
  112. data/man/man8/puppet-resource.8 +1 -1
  113. data/man/man8/puppet-script.8 +1 -1
  114. data/man/man8/puppet-ssl.8 +5 -1
  115. data/man/man8/puppet-status.8 +4 -4
  116. data/man/man8/puppet.8 +2 -2
  117. data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -57
  118. data/spec/fixtures/ssl/127.0.0.1.pem +52 -31
  119. data/spec/fixtures/ssl/bad-basic-constraints.pem +57 -35
  120. data/spec/fixtures/ssl/bad-int-basic-constraints.pem +57 -35
  121. data/spec/fixtures/ssl/ca.pem +57 -35
  122. data/spec/fixtures/ssl/crl.pem +28 -18
  123. data/spec/fixtures/ssl/ec-key.pem +11 -11
  124. data/spec/fixtures/ssl/ec.pem +33 -24
  125. data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
  126. data/spec/fixtures/ssl/encrypted-key.pem +108 -58
  127. data/spec/fixtures/ssl/intermediate-agent-crl.pem +28 -19
  128. data/spec/fixtures/ssl/intermediate-agent.pem +57 -36
  129. data/spec/fixtures/ssl/intermediate-crl.pem +31 -21
  130. data/spec/fixtures/ssl/intermediate.pem +57 -36
  131. data/spec/fixtures/ssl/oid-key.pem +117 -0
  132. data/spec/fixtures/ssl/oid.pem +69 -0
  133. data/spec/fixtures/ssl/pluto-key.pem +107 -57
  134. data/spec/fixtures/ssl/pluto.pem +52 -30
  135. data/spec/fixtures/ssl/request-key.pem +107 -57
  136. data/spec/fixtures/ssl/request.pem +47 -26
  137. data/spec/fixtures/ssl/revoked-key.pem +107 -57
  138. data/spec/fixtures/ssl/revoked.pem +52 -30
  139. data/spec/fixtures/ssl/signed-key.pem +107 -57
  140. data/spec/fixtures/ssl/signed.pem +52 -30
  141. data/spec/fixtures/ssl/tampered-cert.pem +52 -30
  142. data/spec/fixtures/ssl/tampered-csr.pem +47 -26
  143. data/spec/fixtures/ssl/trusted_oid_mapping.yaml +5 -0
  144. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -57
  145. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -29
  146. data/spec/fixtures/ssl/unknown-ca-key.pem +107 -57
  147. data/spec/fixtures/ssl/unknown-ca.pem +55 -33
  148. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +9 -0
  149. data/spec/integration/application/filebucket_spec.rb +11 -0
  150. data/spec/integration/application/module_spec.rb +21 -0
  151. data/spec/integration/application/plugin_spec.rb +1 -1
  152. data/spec/integration/application/resource_spec.rb +64 -0
  153. data/spec/integration/application/ssl_spec.rb +20 -0
  154. data/spec/integration/environments/settings_interpolation_spec.rb +0 -4
  155. data/spec/integration/http/client_spec.rb +12 -0
  156. data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
  157. data/spec/integration/indirector/facts/facter_spec.rb +90 -36
  158. data/spec/integration/type/exec_spec.rb +70 -45
  159. data/spec/integration/util/windows/adsi_spec.rb +18 -0
  160. data/spec/integration/util/windows/principal_spec.rb +21 -0
  161. data/spec/integration/util/windows/registry_spec.rb +6 -0
  162. data/spec/lib/puppet/test_ca.rb +7 -2
  163. data/spec/lib/puppet_spec/settings.rb +1 -0
  164. data/spec/spec_helper.rb +11 -1
  165. data/spec/unit/application/agent_spec.rb +7 -2
  166. data/spec/unit/application/facts_spec.rb +482 -3
  167. data/spec/unit/application/ssl_spec.rb +23 -0
  168. data/spec/unit/configurer/downloader_spec.rb +6 -0
  169. data/spec/unit/configurer_spec.rb +23 -0
  170. data/spec/unit/defaults_spec.rb +16 -0
  171. data/spec/unit/environments_spec.rb +199 -88
  172. data/spec/unit/face/facts_spec.rb +4 -0
  173. data/spec/unit/file_serving/fileset_spec.rb +60 -0
  174. data/spec/unit/file_system_spec.rb +15 -0
  175. data/spec/unit/functions/assert_type_spec.rb +1 -1
  176. data/spec/unit/functions/empty_spec.rb +10 -0
  177. data/spec/unit/functions/unwrap_spec.rb +8 -0
  178. data/spec/unit/functions4_spec.rb +2 -2
  179. data/spec/unit/gettext/config_spec.rb +12 -0
  180. data/spec/unit/http/service/compiler_spec.rb +123 -0
  181. data/spec/unit/indirector/catalog/compiler_spec.rb +14 -10
  182. data/spec/unit/indirector/facts/facter_spec.rb +95 -0
  183. data/spec/unit/indirector/resource/ral_spec.rb +40 -75
  184. data/spec/unit/module_tool/applications/installer_spec.rb +12 -0
  185. data/spec/unit/network/formats_spec.rb +41 -0
  186. data/spec/unit/network/http/factory_spec.rb +19 -0
  187. data/spec/unit/parser/functions/fqdn_rand_spec.rb +15 -1
  188. data/spec/unit/parser/templatewrapper_spec.rb +12 -2
  189. data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
  190. data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
  191. data/spec/unit/provider/package/dnfmodule_spec.rb +10 -1
  192. data/spec/unit/provider/package/nim_spec.rb +42 -0
  193. data/spec/unit/provider/package/pip_spec.rb +37 -0
  194. data/spec/unit/provider/parsedfile_spec.rb +10 -0
  195. data/spec/unit/provider/service/init_spec.rb +1 -0
  196. data/spec/unit/provider/service/openwrt_spec.rb +3 -1
  197. data/spec/unit/provider/service/systemd_spec.rb +53 -8
  198. data/spec/unit/provider/service/windows_spec.rb +202 -0
  199. data/spec/unit/provider/user/directoryservice_spec.rb +67 -35
  200. data/spec/unit/provider/user/useradd_spec.rb +21 -6
  201. data/spec/unit/resource/catalog_spec.rb +1 -1
  202. data/spec/unit/settings_spec.rb +97 -56
  203. data/spec/unit/ssl/state_machine_spec.rb +19 -5
  204. data/spec/unit/transaction/additional_resource_generator_spec.rb +0 -2
  205. data/spec/unit/transaction_spec.rb +18 -20
  206. data/spec/unit/type/exec_spec.rb +76 -29
  207. data/spec/unit/type/file/selinux_spec.rb +3 -3
  208. data/spec/unit/type/file/source_spec.rb +4 -4
  209. data/spec/unit/type/service_spec.rb +59 -188
  210. data/spec/unit/type/tidy_spec.rb +24 -7
  211. data/spec/unit/type/user_spec.rb +45 -0
  212. data/spec/unit/util/selinux_spec.rb +87 -16
  213. data/spec/unit/util/windows/sid_spec.rb +41 -0
  214. data/tasks/generate_cert_fixtures.rake +12 -3
  215. metadata +16 -7
  216. data/spec/lib/matchers/include.rb +0 -27
  217. data/spec/lib/matchers/include_spec.rb +0 -32
@@ -7,7 +7,7 @@ require 'spec_helper'
7
7
 
8
8
  before do
9
9
  @path = make_absolute("/my/file")
10
- @resource = Puppet::Type.type(:file).new :path => @path
10
+ @resource = Puppet::Type.type(:file).new(:path => @path, :ensure => :file)
11
11
  @sel = property.new :resource => @resource
12
12
  end
13
13
 
@@ -50,13 +50,13 @@ require 'spec_helper'
50
50
  end
51
51
 
52
52
  it "should handle no default gracefully" do
53
- expect(@sel).to receive(:get_selinux_default_context).with(@path).and_return(nil)
53
+ expect(@sel).to receive(:get_selinux_default_context).with(@path, :file).and_return(nil)
54
54
  expect(@sel.default).to be_nil
55
55
  end
56
56
 
57
57
  it "should be able to detect matchpathcon defaults" do
58
58
  allow(@sel).to receive(:debug)
59
- expect(@sel).to receive(:get_selinux_default_context).with(@path).and_return("user_u:role_r:type_t:s0")
59
+ expect(@sel).to receive(:get_selinux_default_context).with(@path, :file).and_return("user_u:role_r:type_t:s0")
60
60
  expectedresult = case param
61
61
  when :seluser; "user_u"
62
62
  when :selrole; "role_r"
@@ -264,7 +264,7 @@ describe Puppet::Type.type(:file).attrclass(:source), :uses_checksums => true do
264
264
 
265
265
  expect(@resource[:owner]).to eq(100)
266
266
  expect(@resource[:group]).to eq(200)
267
- expect(@resource[:mode]).to eq("173")
267
+ expect(@resource[:mode]).to eq("0173")
268
268
 
269
269
  # Metadata calls it checksum and checksum_type, we call it content and checksum.
270
270
  expect(@resource[:content]).to eq(@metadata.checksum)
@@ -281,7 +281,7 @@ describe Puppet::Type.type(:file).attrclass(:source), :uses_checksums => true do
281
281
 
282
282
  expect(@resource[:owner]).to eq(1)
283
283
  expect(@resource[:group]).to eq(2)
284
- expect(@resource[:mode]).to eq('173')
284
+ expect(@resource[:mode]).to eq('0173')
285
285
  expect(@resource[:content]).not_to eq(@metadata.checksum)
286
286
  expect(@resource[:checksum]).not_to eq(@metadata.checksum_type.to_sym)
287
287
  end
@@ -318,7 +318,7 @@ describe Puppet::Type.type(:file).attrclass(:source), :uses_checksums => true do
318
318
 
319
319
  expect(@resource[:owner]).to eq(100)
320
320
  expect(@resource[:group]).to eq(200)
321
- expect(@resource[:mode]).to eq("173")
321
+ expect(@resource[:mode]).to eq("0173")
322
322
  end
323
323
 
324
324
  it "copies the remote owner" do
@@ -336,7 +336,7 @@ describe Puppet::Type.type(:file).attrclass(:source), :uses_checksums => true do
336
336
  it "copies the remote mode" do
337
337
  @source.copy_source_values
338
338
 
339
- expect(@resource[:mode]).to eq("173")
339
+ expect(@resource[:mode]).to eq("0173")
340
340
  end
341
341
  end
342
342
 
@@ -72,50 +72,65 @@ describe test_title, "when validating attribute values" do
72
72
  allow(@provider.class).to receive(:supports_parameter?).and_return(true)
73
73
  end
74
74
 
75
- it "should support :true as a value" do
76
- srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :true)
77
- expect(srv.should(:enable)).to eq(:true)
78
- end
75
+ describe "for value without required features" do
76
+ before :each do
77
+ allow(@provider).to receive(:satisfies?)
78
+ end
79
79
 
80
- it "should support :false as a value" do
81
- srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :false)
82
- expect(srv.should(:enable)).to eq(:false)
83
- end
80
+ it "should not support :mask as a value" do
81
+ expect { Puppet::Type.type(:service).new(:name => "yay", :enable => :mask) }.to raise_error(
82
+ Puppet::ResourceError,
83
+ /Provider .+ must have features 'maskable' to set 'enable' to 'mask'/
84
+ )
85
+ end
84
86
 
85
- it "should support :mask as a value" do
86
- srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :mask)
87
- expect(srv.should(:enable)).to eq(:mask)
88
- end
87
+ it "should not support :manual as a value" do
88
+ expect { Puppet::Type.type(:service).new(:name => "yay", :enable => :manual) }.to raise_error(
89
+ Puppet::ResourceError,
90
+ /Provider .+ must have features 'manual_startable' to set 'enable' to 'manual'/
91
+ )
92
+ end
89
93
 
90
- it "should support :manual as a value on Windows" do
91
- allow(Puppet::Util::Platform).to receive(:windows?).and_return(true)
92
- srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :manual)
93
- expect(srv.should(:enable)).to eq(:manual)
94
+ it "should not support :mask as a value" do
95
+ expect { Puppet::Type.type(:service).new(:name => "yay", :enable => :delayed) }.to raise_error(
96
+ Puppet::ResourceError,
97
+ /Provider .+ must have features 'delayed_startable' to set 'enable' to 'delayed'/
98
+ )
99
+ end
94
100
  end
95
101
 
96
- it "should support :delayed as a value on Windows" do
97
- allow(Puppet::Util::Platform).to receive(:windows?).and_return(true)
102
+ describe "for value with required features" do
103
+ before :each do
104
+ allow(@provider).to receive(:satisfies?).and_return(:true)
105
+ end
98
106
 
99
- srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :delayed)
100
- expect(srv.should(:enable)).to eq(:delayed)
101
- end
107
+ it "should support :true as a value" do
108
+ srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :true)
109
+ expect(srv.should(:enable)).to eq(:true)
110
+ end
102
111
 
103
- it "should not support :manual as a value when not on Windows" do
104
- allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
112
+ it "should support :false as a value" do
113
+ srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :false)
114
+ expect(srv.should(:enable)).to eq(:false)
115
+ end
105
116
 
106
- expect { Puppet::Type.type(:service).new(:name => "yay", :enable => :manual) }.to raise_error(
107
- Puppet::Error,
108
- /Setting enable to manual is only supported on Microsoft Windows\./
109
- )
110
- end
117
+ it "should support :mask as a value" do
118
+ srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :mask)
119
+ expect(srv.should(:enable)).to eq(:mask)
120
+ end
111
121
 
112
- it "should not support :delayed as a value when not on Windows" do
113
- allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
122
+ it "should support :manual as a value on Windows" do
123
+ allow(Puppet::Util::Platform).to receive(:windows?).and_return(true)
124
+ srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :manual)
125
+ expect(srv.should(:enable)).to eq(:manual)
126
+ end
114
127
 
115
- expect { Puppet::Type.type(:service).new(:name => "yay", :enable => :delayed) }.to raise_error(
116
- Puppet::Error,
117
- /Setting enable to delayed is only supported on Microsoft Windows\./
118
- )
128
+ it "should support :delayed as a value on Windows" do
129
+ allow(Puppet::Util::Platform).to receive(:windows?).and_return(true)
130
+
131
+ srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :delayed)
132
+ expect(srv.should(:enable)).to eq(:delayed)
133
+ end
119
134
  end
120
135
  end
121
136
 
@@ -150,105 +165,24 @@ describe test_title, "when validating attribute values" do
150
165
  provider_class_with_logon_credentials = Puppet::Type.type(:service).provide(:simple) do
151
166
  has_features :manages_logon_credentials
152
167
  def logonpassword=(value) end
168
+ def logonaccount_insync?(current) end
153
169
  end
154
170
  allow(Puppet::Type.type(:service)).to receive(:defaultprovider).and_return(provider_class_with_logon_credentials)
155
171
  end
156
172
 
157
173
  describe "the 'logonaccount' property" do
158
- it "should not be munged nor checked when not on Windows" do
159
- allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
160
- service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'NonWindowsUser')
174
+ let(:service) {Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser')}
161
175
 
162
- expect { service }.not_to raise_error
163
- expect(service[:logonaccount]).to eq('NonWindowsUser')
176
+ it "should let superclass implementation resolve insyncness when provider does not respond to the 'logonaccount_insync?' method" do
177
+ allow(service.provider).to receive(:respond_to?).with(:logonaccount_insync?).and_return(false)
178
+ expect(service.property(:logonaccount).insync?('myUser')).to eq(true)
164
179
  end
165
180
 
166
- context "when on Windows", :if => Puppet::Util::Platform.windows? do
167
- before do
168
- allow(Puppet::Util::Windows::User).to receive(:password_is?).and_return(true)
169
- allow(Puppet::Util::Windows::ADSI).to receive(:computer_name).and_return("myPC")
170
- allow(Puppet::Util::Windows::User).to receive(:get_rights).and_return('SeServiceLogonRight')
171
- end
172
-
173
- it "should fail when the `Log On As A Service` right is missing from given user" do
174
- allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser))
175
- allow(Puppet::Util::Windows::User).to receive(:get_rights).with('myPC\\myUser').and_return("")
176
-
177
- expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser') }.to raise_error(Puppet::Error, /"myPC\\myUser" is missing the 'Log On As A Service' right./)
178
- end
179
-
180
- it "should fail when the `Log On As A Service` right is set to denied for given user" do
181
- allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser))
182
- allow(Puppet::Util::Windows::User).to receive(:get_rights).with('myPC\\myUser').and_return("SeDenyServiceLogonRight")
183
-
184
- expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser') }.to raise_error(Puppet::Error, /"myPC\\myUser" has the 'Log On As A Service' right set to denied./)
185
- end
186
-
187
- it "should not fail when given user has the `Log On As A Service` right" do
188
- allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser))
189
- allow(Puppet::Util::Windows::User).to receive(:get_rights).with('myPC\\myUser').and_return("SeServiceLogonRight")
190
-
191
- expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser') }.not_to raise_error
192
- end
193
-
194
- it "should not fail when given user is a default system account even if the `Log On As A Service` right is missing" do
195
- allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("LOCAL SERVICE", nil, nil, "NT AUTHORITY", :SidTypeUser))
196
- allow(Puppet::Util::Windows::User).to receive(:default_system_account?).and_return(true)
197
-
198
- expect(Puppet::Util::Windows::User).not_to receive(:get_rights)
199
- expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser') }.not_to raise_error
200
- end
201
-
202
- ['LocalSystem', '.\LocalSystem', 'myPC\LocalSystem', 'lOcALsysTem'].each do |user_input|
203
- it "should succesfully munge #{user_input} to 'LocalSystem'" do
204
- service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => user_input)
205
-
206
- expect { service }.not_to raise_error
207
- expect(service[:logonaccount]).to eq('LocalSystem')
208
- end
209
- end
210
-
211
- it "should succesfully munge local account" do
212
- allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser))
213
- service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser')
214
-
215
- expect { service }.not_to raise_error
216
- expect(service[:logonaccount]).to eq('.\myUser')
217
- end
218
-
219
- it "should succesfully munge domain account" do
220
- allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("DomainUser", nil, nil, "myDomain", :SidTypeUser))
221
- service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'DomainUser')
222
-
223
- expect { service }.not_to raise_error
224
- expect(service[:logonaccount]).to eq('myDomain\DomainUser')
225
- end
226
-
227
- it "should succesfully munge well known user" do
228
- allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("LOCAL SERVICE", nil, nil, "NT AUTHORITY", :SidTypeWellKnownGroup))
229
- service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'LocalService')
230
-
231
- expect { service }.not_to raise_error
232
- expect(service[:logonaccount]).to eq('NT AUTHORITY\LOCAL SERVICE')
233
- end
234
-
235
- it "should succesfully munge a SID" do
236
- allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("NETWORK SERVICE", nil, nil, "NT AUTHORITY", :SidTypeUser))
237
- service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'S-1-5-20')
238
-
239
- expect { service }.not_to raise_error
240
- expect(service[:logonaccount]).to eq('NT AUTHORITY\NETWORK SERVICE')
241
- end
242
-
243
- it "should fail when account is invalid" do
244
- allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(nil)
245
- expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'InvalidUser') }.to raise_error(Puppet::Error, /"InvalidUser" is not a valid account/)
246
- end
247
-
248
- it "should fail when sid type is not user or well known user" do
249
- allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("Administrators", nil, nil, "BUILTIN", :SidTypeAlias))
250
- expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'Administrators') }.to raise_error(Puppet::Error, /"Administrators" is not a valid account/)
251
- end
181
+ it "should let provider resolve insyncness when provider responds to the 'logonaccount_insync?' method" do
182
+ allow(service.provider).to receive(:respond_to?).with(:logonaccount_insync?, any_args).and_return(true)
183
+ allow(service.provider).to receive(:logonaccount_insync?).and_return(false)
184
+
185
+ expect(service.property(:logonaccount).insync?('myUser')).to eq(false)
252
186
  end
253
187
  end
254
188
 
@@ -258,7 +192,6 @@ describe test_title, "when validating attribute values" do
258
192
  end
259
193
 
260
194
  it "should default to empty string when only logonaccount is being managed" do
261
- allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
262
195
  service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser')
263
196
 
264
197
  expect { service }.not_to raise_error
@@ -271,70 +204,8 @@ describe test_title, "when validating attribute values" do
271
204
  end
272
205
 
273
206
  it "should fail when logonpassword includes the ':' character" do
274
- allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
275
207
  expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser', :logonpassword => 'my:Pass') }.to raise_error(Puppet::Error, /Passwords cannot include ':'/)
276
208
  end
277
-
278
- it "should not further check the password against given account when not on Windows" do
279
- allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
280
- expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser', :logonpassword => 'myPass') }.not_to raise_error
281
- end
282
-
283
- context "when on Windows", :if => Puppet::Util::Platform.windows? do
284
- before do
285
- allow(Puppet::Util::Windows::ADSI).to receive(:computer_name).and_return("myPC")
286
- allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(name_to_principal_result)
287
- allow(Puppet::Util::Windows::User).to receive(:get_rights).and_return('SeServiceLogonRight')
288
- end
289
-
290
- it "should pass validation when given account is 'LocalSystem'" do
291
- allow(Puppet::Util::Windows::User).to receive(:localsystem?).with('LocalSystem').and_return(true)
292
- allow(Puppet::Util::Windows::User).to receive(:default_system_account?).with('LocalSystem').and_return(false)
293
-
294
- expect(Puppet::Util::Windows::SID).not_to receive(:name_to_principal)
295
- expect(Puppet::Util::Windows::User).not_to receive(:password_is?)
296
- expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'LocalSystem') }.not_to raise_error
297
- end
298
-
299
- ['LOCAL SERVICE', 'NETWORK SERVICE', 'SYSTEM'].each do |predefined_local_account|
300
- describe "when given account is #{predefined_local_account}" do
301
- let(:name_to_principal_result) do
302
- Puppet::Util::Windows::SID::Principal.new(predefined_local_account, nil, nil, "NT AUTHORITY", :SidTypeUser)
303
- end
304
-
305
- it "should pass validation" do
306
- allow(Puppet::Util::Windows::User).to receive(:localsystem?).with(predefined_local_account).and_return(false)
307
- expect(Puppet::Util::Windows::User).to receive(:default_system_account?).with(predefined_local_account).and_return(true)
308
- expect(Puppet::Util::Windows::User).to receive(:default_system_account?).with("NT AUTHORITY\\#{predefined_local_account}").and_return(true)
309
-
310
- expect(Puppet::Util::Windows::User).not_to receive(:password_is?)
311
- expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => predefined_local_account) }.not_to raise_error
312
- end
313
- end
314
- end
315
-
316
- let(:name_to_principal_result) do
317
- Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser)
318
- end
319
-
320
- describe "when given logonaccount is not a predefined local account" do
321
- before do
322
- allow(Puppet::Util::Windows::User).to receive(:localsystem?).with('myUser').and_return(false)
323
- allow(Puppet::Util::Windows::User).to receive(:default_system_account?).with('myUser').and_return(false)
324
- allow(Puppet::Util::Windows::User).to receive(:default_system_account?).with('.\\myUser').and_return(false)
325
- end
326
-
327
- it "should pass validation if password is proven correct" do
328
- allow(Puppet::Util::Windows::User).to receive(:password_is?).with('myUser', 'myPass', '.').and_return(true)
329
- expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser', :logonpassword => 'myPass') }.not_to raise_error
330
- end
331
-
332
- it "should not pass validation if password check fails" do
333
- allow(Puppet::Util::Windows::User).to receive(:password_is?).with('myUser', 'myWrongPass', '.').and_return(false)
334
- expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser', :logonpassword => 'myWrongPass') }.to raise_error(Puppet::Error, /The given password is invalid for user '.\\myUser'/)
335
- end
336
- end
337
- end
338
209
  end
339
210
  end
340
211
 
@@ -195,17 +195,27 @@ describe tidy do
195
195
  allow(Puppet::FileServing::Fileset).to receive(:new).and_return(@fileset)
196
196
  end
197
197
 
198
- it "should use a Fileset for infinite recursion" do
199
- expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true).and_return(@fileset)
198
+ it "should use a Fileset with default max_files for infinite recursion" do
199
+ expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :max_files=>0).and_return(@fileset)
200
200
  expect(@fileset).to receive(:files).and_return(%w{. one two})
201
201
  allow(@tidy).to receive(:tidy?).and_return(false)
202
202
 
203
203
  @tidy.generate
204
204
  end
205
205
 
206
- it "should use a Fileset for limited recursion" do
206
+ it "should use a Fileset with default max_files for limited recursion" do
207
207
  @tidy[:recurse] = 42
208
- expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :recurselimit => 42).and_return(@fileset)
208
+ expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :recurselimit => 42, :max_files=>0).and_return(@fileset)
209
+ expect(@fileset).to receive(:files).and_return(%w{. one two})
210
+ allow(@tidy).to receive(:tidy?).and_return(false)
211
+
212
+ @tidy.generate
213
+ end
214
+
215
+ it "should use a Fileset with max_files for limited recursion" do
216
+ @tidy[:recurse] = 42
217
+ @tidy[:max_files] = 9876
218
+ expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :recurselimit => 42, :max_files=>9876).and_return(@fileset)
209
219
  expect(@fileset).to receive(:files).and_return(%w{. one two})
210
220
  allow(@tidy).to receive(:tidy?).and_return(false)
211
221
 
@@ -270,6 +280,13 @@ describe tidy do
270
280
  @ager.tidy?(@basepath, @stat)
271
281
  end
272
282
 
283
+ it "should return true if the specified age is 0" do
284
+ @tidy[:age] = "0"
285
+ expect(@stat).to receive(:mtime).and_return(Time.now)
286
+
287
+ expect(@ager).to be_tidy(@basepath, @stat)
288
+ end
289
+
273
290
  it "should return false if the file is more recent than the specified age" do
274
291
  expect(@stat).to receive(:mtime).and_return(Time.now)
275
292
 
@@ -411,7 +428,7 @@ describe tidy do
411
428
  @tidy[:recurse] = true
412
429
  @tidy[:rmdirs] = true
413
430
  fileset = double('fileset')
414
- expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true).and_return(fileset)
431
+ expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :max_files=>0).and_return(fileset)
415
432
  expect(fileset).to receive(:files).and_return(%w{. one two one/subone two/subtwo one/subone/ssone})
416
433
  allow(@tidy).to receive(:tidy?).and_return(true)
417
434
 
@@ -433,7 +450,7 @@ describe tidy do
433
450
  @tidy[:recurse] = true
434
451
  @tidy[:rmdirs] = true
435
452
  fileset = double('fileset')
436
- expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true).and_return(fileset)
453
+ expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :max_files=>0).and_return(fileset)
437
454
  expect(fileset).to receive(:files).and_return(%w{. a a/2 a/1 a/3})
438
455
  allow(@tidy).to receive(:tidy?).and_return(true)
439
456
 
@@ -446,7 +463,7 @@ describe tidy do
446
463
  @tidy[:noop] = true
447
464
 
448
465
  fileset = double('fileset')
449
- expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true).and_return(fileset)
466
+ expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :max_files=>0).and_return(fileset)
450
467
  expect(fileset).to receive(:files).and_return(%w{. a a/2 a/1 a/3})
451
468
  allow(@tidy).to receive(:tidy?).and_return(true)
452
469
 
@@ -174,6 +174,51 @@ describe Puppet::Type.type(:user) do
174
174
  end
175
175
  end
176
176
 
177
+ describe "when managing the purge_ssh_keys property" do
178
+ context "with valid input" do
179
+ it "should support a :true value" do
180
+ expect { described_class.new(:name => 'foo', :purge_ssh_keys => :true) }.to_not raise_error
181
+ end
182
+
183
+ it "should support a :false value" do
184
+ expect { described_class.new(:name => 'foo', :purge_ssh_keys => :false) }.to_not raise_error
185
+ end
186
+
187
+ it "should support a String value" do
188
+ expect { described_class.new(:name => 'foo', :purge_ssh_keys => File.expand_path('home/foo/.ssh/authorized_keys')) }.to_not raise_error
189
+ end
190
+
191
+ it "should support an Array value" do
192
+ expect { described_class.new(:name => 'foo', :purge_ssh_keys => [File.expand_path('home/foo/.ssh/authorized_keys'),
193
+ File.expand_path('custom/authorized_keys')]) }.to_not raise_error
194
+ end
195
+ end
196
+
197
+ context "with faulty input" do
198
+ it "should raise error for relative path" do
199
+ expect { described_class.new(:name => 'foo', :purge_ssh_keys => 'home/foo/.ssh/authorized_keys') }.to raise_error(Puppet::ResourceError,
200
+ /Paths to keyfiles must be absolute/ )
201
+ end
202
+
203
+ it "should raise error for invalid type" do
204
+ expect { described_class.new(:name => 'foo', :purge_ssh_keys => :invalid) }.to raise_error(Puppet::ResourceError,
205
+ /purge_ssh_keys must be true, false, or an array of file names/ )
206
+ end
207
+
208
+ it "should raise error for array with relative path" do
209
+ expect { described_class.new(:name => 'foo', :purge_ssh_keys => ['home/foo/.ssh/authorized_keys',
210
+ File.expand_path('custom/authorized_keys')]) }.to raise_error(Puppet::ResourceError,
211
+ /Paths to keyfiles must be absolute/ )
212
+ end
213
+
214
+ it "should raise error for array with invalid type" do
215
+ expect { described_class.new(:name => 'foo', :purge_ssh_keys => [:invalid,
216
+ File.expand_path('custom/authorized_keys')]) }.to raise_error(Puppet::ResourceError,
217
+ /Each entry for purge_ssh_keys must be a string/ )
218
+ end
219
+ end
220
+ end
221
+
177
222
  describe "when managing the uid property" do
178
223
  it "should convert number-looking strings into actual numbers" do
179
224
  expect(described_class.new(:name => 'foo', :uid => '50')[:uid]).to eq(50)